build errors. First time cmake user
I just downloaded the Wireshark source code master V2_4 and did a build with CMake and got 1206 errors and 600 warnings. This is the base code and I haven't modified any of its source code yet. Scanning through the errors, they appeared to be undefined, syntax errors, missing parameters for function calls, etc.
I've been using version 1.12 with nmake for the past several years and thought of upgrading to v24. I created a new directory for version 24, so it should not be sharing the libraries. This is my first time using CMake and I am still using the Visual Studio 10 version, which I already have downloaded for the older version. Please suggest. Thank you.
I have more questions. After successfully building the baseline code, Wireshark version 2.6 (64bit), I added a custom dissector in the /plugins directory. It built successfully if I did not change the CMakeListsCustom.txt per section 9.2 direction. But I did not see the new custom dll in /run/RelWithDebInfo/plugins/2.6. I was expecting the new dll to be there. If I made changes to CMakeListsCustom.txt and added the path to the new custom dissector folder, I could not build; it gave me an error in the configuration stage. This is the only thing I could not follow from the section 9.2 instructions.
Am I missing something here? I read the README.plugins in the doc directory, but it seems it is outdated? I could not find epan/gryphon, for instance, and it did not match the instructions in section 9.2.
The question here is I just want to ...
I think I found the new dlls that I added in /run/RelWithDebInfo. But the dlls don't seem to dissect when I open the wireshark.exe from this directory. Am I supposed to add these plugin dlls in some other folder? In version 1.12.6, there is a wireshark-gtk2 directory where I can test out my dlls. These are the same source code that I ported over from another machine based on Wireshark version 1.12.6, which dissects fine with that version, so I am not sure why it did not function in version 2.6. I had to change some prototypes of some functions to upgrade from 1.12.6 to 2.6, but it did build successfully and the dlls are generated, it seems. Where and how can I test these new dlls? Do you have any idea? Thanks.
Yes, the instructions in 9.2 are required; you must add a CMakeListsCustom.txt with the required path to your custom plugin.
Gryphon has been moved to a built-in dissector, the docs will be updated. Use any other plugin to copy (and modify accordingly) the CMakeLists.txt and plugin.rc.in.
The Wireshark API can and does change between versions, even 2.4 -> 2.6 for instance, so taking code written for 1.12.6 and porting it to 2.6.0 will definitely require changes.
When building a RelWithDebInfo build on Windows, the generated binaries and all supporting files are found in run/RelWithDebInfo. Running Wireshark from that directory will load all the plugins built. If you aren't getting the dissection you expect, then it's likely that you haven't correctly updated the dissector for use with 2.6.0.
Our custom dll is to dissect l2tpv3 frames. It generates the custom dll in the RelWithDebInfo directory, but when I open Wireshark, it is still dissecting as a default Cisco HDLC frame. Not sure what I'm missing here. Will be looking into this. Was wondering where to add this custom dissector code? Placing it in the plugins directory did not seem to work. And moving it under wireshark/plugins/epan doesn't seem to work either. I have a dir path instead of just one file for this custom code.
If the dll appears in the correct place in the RelWithDebInfo directory along with the other plugin dlls, then it is building correctly and it's likely to be code changes in Wireshark that are preventing your plugin from being called.
What does your protocol registration handoff routine look like?
Apparently I was incorrect in a previous comment, Gryphon remains a plugin.
I believe this instruction may be an issue. This is in proto_reg_handoff.
I saw in gryphon, it uses dissector_add_uint_with_preference. Does the function dissector_add_uint need to be replaced? Thanks in advance.
After I changed the function to dissector_add_uint_with_preference, the dll did not get generated; instead, when I launched wireshark.exe, it gave me this error for several dlls. Some dlls are not mine, but got this message saying "Multiple problems found. The plugin 'usbdump.dll' has no plugin_version symbol." and the same errors for ethercat.dll, gryphon.dll, etc., including my custom dll.

Oh, I saw my custom dll and gryphon.dll in run/RelWithDebInfo/plugins/2.6/epan instead of under run/RelWithDebInfo. It got generated, but I am still having an issue dissecting. Looking at the packet-l2tp code, I realized the proto_reg_handoff is the same as my custom dll. I am not sure these 2 source codes can co-exist in rel2.6? I have the same code in rel1.12 and it worked fine. My custom dll took precedence over (don't know which dll gets generated for l2tp) if it's there. They both have the same IP_PROTO_L2TP (115) for identifier. One other thing in my code is the find_dissector function. Does it still work?

Ok, my question now is can both dissectors co-exist. As both proto_reg_handoff_l2tp and proto_reg_handoff_pmi (my custom) are trying to register with the same IP_PROTO_L2TP, it appears the l2tp always took precedence. For some reason, in older version ...

AFAIK the order of registration isn't guaranteed. Have you tried disabling the built-in dissector via the GUI option Analyze | Enabled Protocols?
Tried disabling the l2tp protocol from GUI Analyze->EnabledProtocols-> unchecked the l2tp, and the frames are decoded as IPv4 frames instead of custom frames. When I disabled IPv4 (unchecked this box), the frames are shown as generic Protocol 0x0800. I don't know how to enable the custom protocol.
I wasn't sure if disabling also stopped the registration, apparently it doesn't. I think you'll have to disable the built-in dissector in your build. Comment out the file in epan\dissectors\CMakeLists.txt, regenerate the CMake files and rebuild.
Was wondering, before changing the built-in dissector, whether Wireshark can provide a method to choose the frame preference. For example, in GUI, Edit->Preferences->Protocol->Frame->Treat all frames as L2TP? Currently, there's a way to treat all frames as docsis frames or not with a box (checked or unchecked). Even if there's no GUI, do you know a source code for this view preferences to treat frames as?
Here's what one of my proto_reg_handoff files looks like. I tried to fix the warnings associated with my file and pretty much cleaned up. But when I launched Wireshark, I saw Wireshark prompted with "Multiple problems found... The plugin "usbdump.dll" has no "plugin_version symbol...." and similar messages for several of the dlls including mine. And I was not sure whether this is causing my plugin to not be recognized by Wireshark. I also downloaded the latest stable release version 2.6 on my PC and added the generated plugin dlls in the /plugins/2.6/epan directory, but they were still not recognized by the tool. In the old version 1.12, if I placed these dlls in the /plugins/1.12 directory, it works. I can view from Help->About Wireshark->Plugins, the dlls will show up there, but not in the 2.6 version.

The proto_reg_handoff_xxx should look like this:

Can you also show:
dissect_3146 function
proto_register_xxx function that registers the protocol and preferences.

The dissection function:
Here's another one with register